MISP Threat Intelligence & Sharing

0x00 前言

Rapidly Search and Hunt through Windows Forensic Artefacts - WithSecureLabs/chainsaw

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. - Yamato-Security/hayabusa

Fast and Lightweight Logs, Metrics and Traces processor for Linux, BSD, OSX and Windows - fluent/fluent-bit

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)... - ...

Contribute to CronUp/Vulnerabilidades development by creating an account on GitHub.

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough.

Security chapter of the 2022 Web Almanac covering Transport Layer Security, content inclusion (CSP, Feature Policy, SRI), web defense mechanisms (tackling XSS, XS-Leaks), and drivers of security mechanism adoptions.

In this report we focus on tactics, techniques, and procedures (TTPs) of the DeftTorero (aka Lebanese Cedar or Volatile Cedar) threat actor, which targets Middle East countries.

Providing security research and red team techniques

Kaspersky researchers detected OnionPoison campaign: malicious Tor Browser installer spreading through a popular YouTube channel and targeting Chinese users.